Date: Fri, 30 Jan 2004 13:43:06 +0000 From: David Malone <dwmalone@maths.tcd.ie> To: Jeroen Ubbink <crasp@blackbyte.nl> Cc: freebsd-stable@freebsd.org Subject: Re: IPF, IPv6 and a bridge Message-ID: <20040130134306.GA17621@walton.maths.tcd.ie> In-Reply-To: <20040130083808.GA60129@cartman.south-park> References: <20040130083808.GA60129@cartman.south-park>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Jan 30, 2004 at 09:38:08AM +0100, Jeroen Ubbink wrote: > ipfw doesn't seem to block router advertisements on a > bridge either. Is this just a problem with both those firewall tools or is > it a problem in FreeBSD? Bridged packets are special and are not usually firewalled. I could be mistaken, but I don't think you can get ipf to filter bridged packets in 4.9. You could use ipfw2 to do it though: sysctl net.link.ether.bridge_ipfw=1 ipfw add deny layer2 mac-type ipv6 recv tun1 (You'll need to turn on ipfw2 to do this - see the ipfw man page for details). David.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040130134306.GA17621>